Q2BXTOSOO6JRJC0VSEXE85TPI[.]exe

Resubmissions

11-03-2024 06:10

240311-gwz66aea41 5

11-03-2024 06:07

11-03-2024 06:05

11-03-2024 05:58

11-03-2024 05:54

Sharing

Copy URL

Twitter E-mail

General

Target

Q2BXTOSOO6JRJC0VSEXE85TPI.exe
Size

48.4MB
MD5

573d29a8451b96ff9e3564bebd898c4f
SHA1

0d9c09acc6077990f128459f23af5f854f247ed3
SHA256

886b8893731c540ce803e6cd0fd185d3b3f7e047e1e4857070f0d2aa1830b6d2
SHA512

cb1488b61e5f0d6f3bd93ccf03c29512c25623131d983b0ebc60faacc145a18461b72c052f295e746c64c9bcae4e9961d83a456e36c81c583338808885f1607f
SSDEEP

786432:YsaDEMAagMxDymy96TBaIvAlUULAPLP6eXDjt/Fyfk2JoxN+bsyllyX:JaDEMKsDymtTMzLmP609Ck2JoxssyS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Q2BXTOSOO6JRJC0VSEXE85TPI.exe

Files

Q2BXTOSOO6JRJC0VSEXE85TPI.exe
.exe windows:6 windows x64 arch:x64

ca31c13c08d25a0d82bf6667db0682a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

bind

ole32

CreateStreamOnHGlobal

kernel32

GetVersionExA

user32

GetWindowLongPtrW

gdi32

GetObjectA

advapi32

RegOpenKeyExA

shell32

CommandLineToArgvW

oleaut32

SysFreeString

shlwapi

SHDeleteKeyW

iphlpapi

SendARP

d3d9

Direct3DCreate9

ntdll

RtlVirtualUnwind

gdiplus

GdipDisposeImage

msimg32

AlphaBlend

crypt32

CryptMsgOpenToDecode

Sections

HRo<*)@8
Size: - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

w_5!+<59
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

9k1F6U;e
Size: - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

[EN`6g]7
Size: - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

pwo,lD`1
Size: - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

0K_2zwaa
Size: - Virtual size: 29.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sq`/YZ?d
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0^+N,nKu
Size: 48.1MB - Virtual size: 48.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

pYASE-rt
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

ca31c13c08d25a0d82bf6667db0682a1

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

ole32

kernel32

user32

gdi32

advapi32

shell32

oleaut32

shlwapi

iphlpapi

d3d9

ntdll

gdiplus

msimg32

crypt32

Sections

HRo<*)@8 Size: - Virtual size: 2.6MB

w_5!+<59 Size: - Virtual size: 1.1MB

9k1F6U;e Size: - Virtual size: 102KB

[EN`6g]7 Size: - Virtual size: 90KB

pwo,lD`1 Size: - Virtual size: 348B

0K_2zwaa Size: - Virtual size: 29.9MB

Sq`/YZ?d Size: 5KB - Virtual size: 5KB

0^+N,nKu Size: 48.1MB - Virtual size: 48.1MB

pYASE-rt Size: 265KB - Virtual size: 264KB

HRo<*)@8
Size: - Virtual size: 2.6MB

w_5!+<59
Size: - Virtual size: 1.1MB

9k1F6U;e
Size: - Virtual size: 102KB

[EN`6g]7
Size: - Virtual size: 90KB

pwo,lD`1
Size: - Virtual size: 348B

0K_2zwaa
Size: - Virtual size: 29.9MB

Sq`/YZ?d
Size: 5KB - Virtual size: 5KB

0^+N,nKu
Size: 48.1MB - Virtual size: 48.1MB

pYASE-rt
Size: 265KB - Virtual size: 264KB